Training - August 2-5

Please click on any Training title below to see pricing and full description.
Note: Please read all Registration Terms and Conditions carefully. Training courses include full access to the Business Hall, Sponsor Workshops and Sponsor Sessions.
Briefings are not included with the purchase of a Training pass, however, you may purchase a Briefings pass to complement your Trainings once you register. All Briefings and Trainings will be presented in English.

The current threat landscape has shifted. Traditional defenses are failing us. This class is about new strategies to defend ourselves as well as to provide tools to better find out who is attacking us and why. Some of the things we talk about you may implement immediately, others may take you a while to implement. Either way, consider what we discuss as a collection of tools at your disposal to annoy attackers, attribute who is attacking you and, finally, attack the attackers.

Looking to conduct more effective penetration tests? This challenging, fast-paced course will teach you how to best use available tools and methodologies to accurately emulate modern threats; all while adapting to tightening budgets, limited timeframes and diverse skillsets.

Attackers are constantly evolving, becoming more sophisticated in how they attack and evade security measures. It’s time penetration testers do as well. Develop stealth, evasion, and persistence techniques to effectively emulate the enemy and demonstrate the impact of an advanced attacker.

The days of running grep to find simple stack overflows are gone. Finding exploitable vulnerabilities, such as use-after-frees, often requires a thorough understanding of more complex code patterns such as reference counting and garbage collection. This two-day course teaches students how to dive into large C/C++ source code projects and find exploitable memory corruption vulnerabilities armed with nothing more than a text editor. Students will learn the necessary skills by focusing on real world vulnerabilities found in open source web browsers.

Learn about threats to your embedded design capable of revealing secret keys or causing faults, even if you have a bug-free and secure implementation. Focuses mainly on side-channel power analysis with the open-source ChipWhisperer software & hardware, but also covers related topics such as clock glitching.

Looking to sharpen you malware analysis skills? Then take this fast-paced class to develop skills in dealing with anti-reversing, packers and special case malware. You will practice your new skills by dissecting real malware via hands-on labs.

In this hands-on, lab driven course students will be taught a methodology and series of techniques used to perform penetration testing of mobile devices and applications. This course, created by the project leads for the OWASP MobiSec project, uses intense lab driven learning that allows the student to learn techniques, tools and a methodology for testing mobile applications.

Learn how to profile a target with devastating accuracy without ever sending a packet to their network. Taught by the 2-time winner of the Defcon Social Engineering CTF, get extensive hands on experience utilizing OSINT tools to optimize your next pentest/SE attacks. Lots of labs and practical coursework makes sure you get actual experience with the tools.

A 4-Day Journey in learning how to use advanced rapport, influence, elicitiation and psychological principles. Blended with scientifically accurate nonverbal training, this course is designed to make you a master social engineer.

From mind-bending XSS attacks, to exploiting CSRF vulnerabilities, to advanced SQL injection attacks, Advanced Web Attacks and Exploitation will broaden your knowledge of web application hacking and help you identify and circumvent various protection mechanisms in use on the web today.

This training is based on the best selling book “Backtrack 5 Wireless Penetration Testing" and will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools.

During the course of this training participants will do over 25+ hands-on lab sessions and will fight it out against live CTF challenges. These include - cracking WPA Enterprise (PEAP, EAP-TTLS), MITM attacks over Wireless, Creating Wi-Fi Backdoors, Scripting and Attack automation, Wireless Forensics and Security Best Practices.

Advanced Windows Exploitation provides an in-depth and hardcore drilldown into topics ranging from precision heap spraying to DEP and ASLR bypass techniques to real-world 64-bit kernel exploitation. This course is extremely hands-on and includes a lab environment, which is tailored to challenging and bringing the most out of you. The case studies covered include vulnerabilities discovered by our research team or exploits written by us.

This course will focus on the techniques and tools for testing the security of Android mobile applications. During this course the students will learn about important topics such as the Android Security model, the Android runtime, how to perform static analysis, traffic manipulation, memory dumps, debugging , code modification and dynamic analysis - from zero knowledge of the APK to full exploitation. Students of this course will learn how to operate and make the best of the AppUse custom VM for Android application penetration testing, from its own creators.

By taking this course you will be able to perform penetration testing on Android mobile applications and expose potential vulnerabilities in the tested application such as insecure storage, traffic manipulation, malicious intents, authentication and authorization problems, client side SQLi, bad cryptography, and more.

There are four technical skills required by security researchers, software quality assurance and test engineers, or developers concerned about security: Source code auditing, fuzzing, reverse engineering, and exploitation. Each of these domains is covered in detail.

The official Samurai-WTF (Web Testing Framework) training course given by one of the founders and lead developers of the project! You will learn the latest Samurai-WTF open source tools and the latest techniques to perform an end-to-end web penetration tests.

This two day course will take a deep-dive into the fundamentals of SCADA security and provide students with the knowledge that they need to safely perform penetration testing against live SCADA environments. The course will also provide students with methodologies through which security research may be performed against SCADA devices in order to identify 0day flaws in some of the world’s most critical systems. During the course, students will have the opportunity to engage in live attacks against programmable logic controllers (PLC’s) and other industrial control systems, to include activities such as SCADA RTOS firmware reversing and SCADA protocol fuzzing.

Secure boot, trusted execution environments and many other security mechanisms depend on the security of the underlying hardware. What if we can break the actual hardware? And what if that's EASIER than breaking the software?

This course provides an understanding of the possibilities and impact of hardware attacks such as side channel analysis and fault injection through a hands-on approach. Besides the necessary theory, students will perform exercises themselves in which they will, for instance, break a DES key through power analysis.

Bypassing Security Defenses is a course designed to rapidly teach students how to become penetration testers using the latest and greatest attack methods. This course is designed to teach you effective ways of getting around today's preventive technologies and further attack an organization as a penetration tester.

Information Assurance Associates (IA2) provides comprehensive CNSS-4016 Risk Analysis certification and the federal Risk Management Framework (RMF) training for Information System Security Managers (ISSM's), Certification Agents and Security Control Assessors (SCA's). The IA2 Risk Analysis Certification and Risk Management Framework (RMF) curriculum was specifically designed for cybersecurity practitioners that exercise security or Assessment and Authorization (A&A) as well as Program or Acquisition Management control over critical information infrastructures. This course provides four days of intense, highly concentrated, non-technical professional training necessary to achieve the fundamental knowledge, skills, and abilities needed to analyze, assess, control, determine, mitigate and manage risks within computer systems that store, process, display or transmit classified or sensitive information. This course provides training in knowledge factors and functional requirements established for Entry and Intermediate Level Risk Analysts and addresses professional processes and policy requirements established within the federal Risk Management Framework (RMF). Specific focus is directed on identifying, implementing and integrating management, acquisition and administrative risk methodologies for securing critical information infrastructures and establishing standards necessary to help protect the confidentiality, maintain the integrity and ensure the availability of critical organizational computing resources within a risk managed framework. Topical areas include those actions and activities necessary to facilitate risk centric analysis and assessment requirements as well as RMF actions and activities necessary to ensure that Authorizing Officials (AO's) have the information necessary to make informed, risk-based decisions. Special attention is directed on analyzing, evaluating, and assessing information system security risks and the procedures necessary to assess the impact and consequence of a realized risk on critical information infrastructures.

This course provides a solid foundation in cloud security, and includes a full day of hands-on labs to apply the principles in practice. We cover all the material needed to pass the Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK) exam, but add a pragmatic approach to immediate kick start your cloud security projects. For Black Hat we also add expanded material to show you how to take cloud security to the next level by leveraging DevOps techniques and the characteristics of the cloud.

Covering everything necessary to successfully manage an incident, students will work through various scenarios building response plans for each situation. From what should be in place prior to an incident, to knowing when to trust your network again, this practical course will teach you how to appropriately respond in real world incidents.

The US Special Operations Forces pioneered a methodology called F3EAD, which enabled amongst other things the ability to take out insurgent and terrorist networks. This class focuses on modifying the F3EAD methodology for utility in Cyber Defense Operations to allow cyber defenders to incorporate intelligence practices into their daily operations to focus not just on one off indicators but the overall threat actor. Intelligence enables cyber defense teams to look at the cyber battlefield from the 50,000-foot view and piece together all aspects of the cyber adversary's operations. From what altitude are you viewing the cyber battlefield?

Digital forensics and incident response are two of the most critical fields in all of information security. The staggering number of reported breaches in the last year has shown that the ability to rapidly respond to attacks is a vital capability for all organizations.

During this course, we will help you unlock the true potential and raw power of Maltego - from helping you to understand the underlying technologies to exploring the full potential of Maltego's analytic capabilities. Join us and we'll show you how to navigate and map the Internet's darkest rivers...

Security of Microsoft kernel is becoming hot topic nowadays.With the rise of sandbox technologies compomising sandboxed applications via kernel vulnerablities is nice approach.
Attendees will learn the various internals of the kernel exploit development, will face verious problem and will learn how to solve them.

This course will familiarize attendees with development of Microsoft Windows kernel exploit on 32-bit and 64-bit editions of Microsoft Windows.

Today all the companies business lays on Enterprise Business applications. It is a big systems that store and process all the companies critical data. Unfortunately there is still very low information about Security of those systems like how to bleak them during penetration tests and how to securely configure them. We will cover different software like ERP’s, Service Buses, CRM, Process Integration, SRM, and also software from other vendors like: SAP, Oracle and Microsoft and some of the less popular and custom business applications.

This training will empower you to understand which are the most critical security threats affecting your SAP platform. Learn how to assess your organization for SAP-specific vulnerabilities using opensource tools, and use exploits in a controlled environment to better understand and communicate the potential business risk. Learn how to mitigate existing vulnerabilities to protect yourself against the most common attack vectors. No previous SAP expertise required!

Get hands-on learning, exploring and defeating advanced exploit mitigation techniques including ASLR and DEP. Develop and hone your return oriented programming (ROP) skills, exploit browsers, embed and trigger reverse shells in PDFs, perform advanced heap sprays and work on complex "pwn2own style" exploits which involve info leaks and dynamic ROP
chains. Our custom lab environment, included for you to take home at the end of the class, has been designed and refined to provide a stable environment for exploit writing so we can deep dive early and often
across 32 and 64-bit platforms. Join us for a truly challenging two days! Can be combined with Exploit Lab: Red Team as a 4-day class.

Attendees of the Exploit Lab: Red Team will have a challenging and intense two day experience digging deep into the art of craft of software exploitation. This Lab focuses on providing hands-on experience
discovering and exploiting vulnerabilities across Linux and Windows platforms. By the end of the class attendees will have learned all about memory corruption techniques such as stack overflows, exception handler abuse, in-memory object corruption, vftable overwrites and exploiting use-after-free bugs. Even better, our Lab environment will be made available to all attendees to take with them and continue learning after the two days are complete! Can be combined with Exploit Lab: Black Belt as a 4-day class.

The cat and mouse game from the perspectives of both the cat AND the mouse. Hack it and Track it, is the only class of it's kind that will teach you how to pentest as well as retrace your steps through forensic analysis.

Hacking By Numbers Reloaded - BlackOps is a students final course in the Hacking By Numbers series before being deployed into "Combat". Here, they will sharpen their skills in real-world scenarios before being shipped off to battle.

Reality, Theory and Practice! This course is the "How did they do that?" of modern hacking attacks. We will lead you through the full compromise of a company's IT systems, explaining the tools and technologies, but especially the thinking, strategies and the methodologies for every step along the way.

As mobile phone usage continues to grow at an outstanding rate, this course shows you how you’d go about testing the mobile platforms, and installed applications to ensure they have been developed in a secure manner.
Hacking By Numbers Reloaded - Mobile Bootcamp will give you a complete and practical window into the methods used when attacking mobile platforms.

Web applications are the backbone of the modern, interactive Internet experience. We will lead you through the full compromise of various web application and associated infrastructure, explaining the tools and technologies, but especially the thinking, strategies and the methodologies for every step along the way.

This intensive, hands-on course covers examples of exploiting basic memory corruption vulnerabilities up through modern protections such as ASLR and DEP. This course dives deep into the problems encountered when developing real exploits such as space and character set issues. Attendees will learn the tools and techniques to find vulnerabilities and build working exploits as well as the mindset required to tackle exploitation techniques that are new to you.

Grand Idea Studio's Hardware Hacking and Reverse Engineering training course focuses on teaching board-level hardware hacking and reverse engineering techniques and skills. The course is a combination of lecture and hands-on exercises. It covers the hardware hacking processes, circuit board analysis and modification, embedded security, and common hardware attack vectors. The course concludes with a final hardware hacking challenge in which students must apply what they've learned in the course to defeat the security mechanism of a custom circuit board.

Ida Pro is touted as the premier disassembler available today, capable of disassembling machine languages for a large number of microprocessors and micro controllers. This course will cover advanced features of Ida that may be used to work through challenging reverse engineering problems. This course is taught using primarily x86 and ARM assembly language.

Ida Pro is touted as the premier disassembler available today, capable of disassembling machine languages for a large number of microprocessors and micro controllers. This course will cover essential features of Ida that anyone looking to begin using this tool should be familiar with. This course is taught using x86, 32-bit, assembly language.

This intensive two-day course is designed to teach the fundamental investigative techniques needed to respond to today’s landscape of threat actors and intrusion scenarios. Completely redeveloped with all-new material in 2013, the class is built upon a series of hands-on labs that highlight the phases of a targeted attack, key sources of evidence, and the forensic analysis know-how required to analyze them.

This course will focus on the techniques and tools for testing the security of iOS mobile applications. During this course the students will learn about important topics such as the iOS Security model, the Simulator, how to perform static analysis, traffic manipulation, and dynamic analysis. By taking this course you will be able to perform penetration testing on iOS mobile applications and expose potential vulnerabilities in the tested application.
The objectives of the course are:• Understand the iOS application threat landscape• Perform penetration testing on iOS mobile apps• Identify vulnerabilities and exploit them• Operate AppSec Labs' unique Open-Source iNalyzer customized dashboard for iOS pen-testing

Learn how to thoroughly lock down Linux and UNIX systems from Jay Beale, the creator of Bastille Linux. In this fully hands-on course, you’ll harden not only the operating system, but also the server programs running on it. You’ll massively increase their resiliency to attack, whether they are web, mail, FTP or DNS servers. You’ll also learn to use security tools to build in intrusion prevention system (IPS) functionality, advanced firewalling, spam filtering, and attack detection.

Almost every computer incident involves a trojan, backdoor, virus, or rootkit. Incident responders must be able to perform rapid analysis on the malware encountered in an effort to cure current infections and prevent future ones. This course provides a rapid introduction to the tools and methodologies used to perform malware analysis on executables found on Windows systems using a practical, hands-on approach.

The medical field is befoming more connected, and we are just beginning to see security issues related to that. Learn about where those security problems are appearing, how to identify them and develop techniques to protect the patients using those devices.

Step up your game with the latest advanced techniques for penetrating networks with the Metasploit Framework. Taught by a pair of shell-addicted, password-crazed, ruby fiends, so leave you python at the door

Do you want to find intruders in your network, but don't know where to begin? If the answer is yes, NSM 101 is the course for you. Join Richard Bejtlich as he explains Network Security Monitoring from the ground-up in this brand-new, hands-on course.

Embedded Edition is an advanced course offering from Deja vu Security. It teaches students the fundamentals of using Peach to fuzz embedded devices. This course covers the targeting, monitoring, and collection of crashes on custom hardware.

Premiering for the first time the newly revised "Penetration Testing with Kali Linux". This is an intense, hands-on security class by Offensive Security, the creators of BackTrack Linux and now Kali Linux.

Those who attend this session will leave with a full awareness of how to best protect buildings and grounds from unauthorized access, as well as how to compromise most existing physical security in order to gain access themselves. Distinguish good locks and access control from poor ones and become well-versed in picking and bypassing in order to assess your own company's security posture or augment your career as a penetration tester.

Learn how to create custom exploit shellcode for Windows, Linux and Mac OS X, and integrate your shellcode into Metasploit and public exploits. The Shellcode Lab holds your hand to take your security skills to the next level. Register for The Shellcode Lab now!

An introduction to digital signal processing, software radio, and the
powerful tools that enable the growing array of SDR projects within the
hacker community, this course takes a unique "software radio for
hackers" approach, building on the participants' knowledge of computer
programming and introducing them to the forefront of digital radio
technology. Participants will learn how to transmit, receive, and
analyze radio signals and will be prepared to use this knowledge in the
research of wireless communication security. Each student will receive
a HackRF One software defined radio transceiver, a $300 value.

"Hardware Enabled Software Exploitation" is a hands-on course covering tools and methods for manipulating, modifying, debugging, reverse engineering, interacting with, and exploiting the software and hardware of embedded systems. Students will learn how to use and develop tools and techniques for exploiting embedded devices: from mobiles to off-the-shelf-consumer electronics.

Penetration testing often focuses on individual vulnerabilities and services, but the quickest ways to exploit are often hands on and brute force. This four-day course introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using a combination of new tools and lesser-known techniques, attendees will learn how to compromise systems without depending on standard exploits.

Tactical Response is a multidisciplinary approach to understanding the methodologies, techniques, and tools for both offensive and defensive security. This four-day course introduces a tactical approach for instrumenting and weaponizing your infrastructure. Using a combination of new tools, and uncommon techniques students will learn how to defend a network against today’s evolving threats.

Security vulnerabilities are an unfortunate, but unavoidable, part of today's computing systems. If exploited by internal or external users, these weaknesses can be catastrophic to your organization. Foundstone teaches step-by-step procedures for executing Internet, intranet, and host-level security reviews. This course is the definitive training for learning how to perform "tiger team" and attack and penetration assessments.

Foundstone instructors cover all the bases, presenting manual and scripted security-review techniques that go far beyond what automated analysis tools can do. You return to your organization with valuable knowledge, experience, and the ability to put your new skills into practice.

Foundstone instructors cover all the bases, presenting manual and scripted security-review techniques for Wi-Fi, Bluetooth, Zigbee, Z-Wave, RFID, and other wireless technologies that go far beyond what automated analysis tools can do. These are the wireless technologies used by corporate infrastructures, “The Internet of Things”, and personal electronics across the world. You will get hands on experience with breaking into wireless networks and be involved in live hacking demos by some of the guys who wrote the tools. This course is the definitive training for learning how to perform large scope wireless penetration assessments. You return to your organization with valuable knowledge, experience, and the ability to put your new skills into practice.

Learn to detect lies and find the TRUTH through the application of proven human-memory retrieval techniques while observing behavioral and emotional clues, and micro-expressions. Master the art of asking questions, how to phrase them, and when to ask them. Develop practical skills to establish rapport and gain trust which can be immediately applied in any situation, with anyone.

Learn everything about security visualization to make your log analysis and forensic investigations more efficient and effective. We explore situational awareness and learn how to uncover new insights and hidden attacks on your environment.

MDSec's course is delivered by the authors of the Web Application Hacker's Handbook, and the author of Burp Suite. It features hands-on hacking from the 2nd Edition of the Handbook, with 150+ examples including a CTF contest.